User should be superuser to access complete backoffice.

This commit is contained in:
Víðir Valberg Guðmundsson 2018-08-15 23:47:25 +02:00
parent ccfb3d13d0
commit 9fd5dc27bf
3 changed files with 12 additions and 15 deletions

View file

@ -1,10 +0,0 @@
from camps.mixins import CampViewMixin
from utils.mixins import StaffMemberRequiredMixin
class BackofficeViewMixin(CampViewMixin, StaffMemberRequiredMixin):
"""
Mixin used by all backoffice views. For now just uses CampViewMixin and StaffMemberRequiredMixin.
"""
pass

View file

@ -29,7 +29,7 @@
</a> </a>
{% endif %} {% endif %}
{% if user.is_staff %} {% if user.is_superuser %}
<a href="{% url 'backoffice:public_credit_names' camp_slug=camp.slug %}" class="list-group-item"> <a href="{% url 'backoffice:public_credit_names' camp_slug=camp.slug %}" class="list-group-item">
<h4 class="list-group-item-heading">Approve Public Credit Names</h4> <h4 class="list-group-item-heading">Approve Public Credit Names</h4>
<p class="list-group-item-text">Use this view to check and approve users Public Credit Names</p> <p class="list-group-item-text">Use this view to check and approve users Public Credit Names</p>

View file

@ -1,7 +1,7 @@
import logging import logging
from itertools import chain from itertools import chain
from django.contrib.auth.mixins import PermissionRequiredMixin from django.contrib.auth.mixins import PermissionRequiredMixin, UserPassesTestMixin
from django.views.generic import TemplateView, ListView from django.views.generic import TemplateView, ListView
from django.views.generic.edit import UpdateView from django.views.generic.edit import UpdateView
from django.shortcuts import redirect from django.shortcuts import redirect
@ -15,8 +15,6 @@ from tickets.models import ShopTicket, SponsorTicket, DiscountTicket
from profiles.models import Profile from profiles.models import Profile
from program.models import SpeakerProposal, EventProposal from program.models import SpeakerProposal, EventProposal
from .mixins import BackofficeViewMixin
logger = logging.getLogger("bornhack.%s" % __name__) logger = logging.getLogger("bornhack.%s" % __name__)
@ -52,7 +50,7 @@ class BadgeHandoutView(InfodeskMixin, ListView):
return list(chain(shoptickets, sponsortickets, discounttickets)) return list(chain(shoptickets, sponsortickets, discounttickets))
class TicketCheckinView(InfodeskMixin, BackofficeViewMixin, ListView): class TicketCheckinView(InfodeskMixin, ListView):
template_name = "ticket_checkin.html" template_name = "ticket_checkin.html"
context_object_name = 'tickets' context_object_name = 'tickets'
@ -63,6 +61,15 @@ class TicketCheckinView(InfodeskMixin, BackofficeViewMixin, ListView):
return list(chain(shoptickets, sponsortickets, discounttickets)) return list(chain(shoptickets, sponsortickets, discounttickets))
class BackofficeViewMixin(CampViewMixin, UserPassesTestMixin):
"""
Mixin used by all backoffice views. For now just uses CampViewMixin and StaffMemberRequiredMixin.
"""
def test_func(self):
return self.request.user.is_superuser
class ApproveNamesView(BackofficeViewMixin, ListView): class ApproveNamesView(BackofficeViewMixin, ListView):
template_name = "approve_public_credit_names.html" template_name = "approve_public_credit_names.html"
context_object_name = 'profiles' context_object_name = 'profiles'